Lucene search
K

43 matches found

Github Security Blog
Github Security Blog
added 2024/11/22 8:27 p.m.37 views

Sentry improper error handling leaks Application Integration Client Secret

Impact During routine testing, we identified a scenario where a specific error message generated by our platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID and Client Secret would not be displayed in the UI, but would be returned in the...

5.3CVSS5.6AI score0.00628EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/11/22 8:15 p.m.35 views

CVE-2024-53253

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...

5.3CVSS0.00628EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/22 7:58 p.m.20 views

CVE-2024-53253 Sentry's improper error handling leaks Application Integration Client Secret

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...

5.3CVSS0.00628EPSS
Exploits0References3
Fedora
Fedora
added 2024/06/05 1:41 a.m.11 views

[SECURITY] Fedora 40 Update: kf5-frameworkintegration-5.115.0-3.fc40

Framework Integration is a set of plugins responsible for better integration of Qt applications when running on a KDE Plasma workspace. Applications do not need to link to this directly...

9.8CVSS6.6AI score0.0097EPSS
Exploits0
NVD
NVD
added 2021/10/21 3:15 a.m.26 views

CVE-2021-34743

A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user's account without that user's express consent. This vulnerability is due to improper validation o...

7.1CVSS0.00438EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/17 12:0 a.m.16 views

File Upload Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-58569)

Guangzhou Tutron Computer Software Development Co., Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/07/10 12:0 a.m.12 views

File Upload Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-52386)

Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for users in the library industry. There is a file uploa...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/07/10 12:0 a.m.7 views

SQL Injection Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-52066)

Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for users in the library industry. There is a SQL...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/06/16 7:1 a.m.45 views

5 Things to Know About Imperva RASP

Imperva Runtime Application Self-Protection RASP is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: 1. RASP and a WAF are complementary While a cloud-based web application firewall keeps previously known ba...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.5 views

The vulnerability of Oracle Siebel’s EAI and SWSE platform’s UI framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Oracle Siebel UI Framework components is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

4.3CVSS5.8AI score0.0107EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/04/16 12:0 a.m.5 views

Oracle Siebel CRM Siebel UI Framework Unauthorized Read Vulnerability

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions. The program includes sales management, marketing management, customer service systems, call center modules. Siebel UI Framework is one of the user interface framework components. A...

4.3CVSS8.6AI score0.0107EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.7 views

The vulnerability of the EAI component of the Siebel UI Framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the EAI component of the Siebel UI Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

5.3CVSS6.2AI score0.01596EPSS
Exploits0References3Affected Software1
n0where
n0where
added 2017/08/06 5:35 p.m.23 views

the Crypto Undertaker: Tomb

Tomb aims to be a free and open source system for easy encryption and backup of personal files, written in code that is easy to review and links shared GNU/Linux components. At present, Tomb consists of a simple shell script Zsh using standard filesystem tools GNU and the cryptographic API of the...

7.6AI score
Exploits0References6
OSV
OSV
added 2016/07/21 10:15 a.m.5 views

CVE-2016-5468

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5451...

5.4CVSS5.8AI score0.01438EPSS
Exploits0References4
OSV
OSV
added 2016/07/21 10:15 a.m.5 views

CVE-2016-5451

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468...

8.1CVSS5.8AI score0.02238EPSS
Exploits0References4
CNVD
CNVD
added 2016/07/21 12:0 a.m.7 views

Unspecified Vulnerability in Oracle Siebel CRM Siebel UI Framework Component (CNVD-2016-05472)

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions , which includes sales management , marketing management , customer service systems , call centers and other modules.Siebel UI Framework is one of the framework components based on the...

4.1CVSS6.8AI score0.01395EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Siebel CRM Siebel UI Framework Component (CNVD-2016-05471)

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions , which includes sales management , marketing management , customer service systems , call centers and other modules.Siebel UI Framework is one of the framework components based on the...

5.5CVSS6.8AI score0.01438EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/21 12:0 a.m.2 views

MAS China Mobile Proxy Server SQL Injection Vulnerability

WAS China Mobile Proxy Server is a gateway that is deployed within the Intranet of group customers for application coupling with their OA, ERP, CRP and other application systems in order to satisfy the informatization needs of group customers who have a high degree of informatization to realize...

7.6AI score
Exploits0
CNVD
CNVD
added 2015/01/22 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Siebel Core-EAI Component

Oracle Siebel is a customer relationship management software. A security vulnerability in the Integration Business Services subcomponent of the Oracle Siebel Core EAI component allows remote attackers to exploit the vulnerability to affect system availability...

4CVSS6.7AI score0.01303EPSS
Exploits0References1
NVD
NVD
added 2013/04/17 5:55 p.m.20 views

CVE-2013-2413

Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services...

4.9CVSS5.2AI score0.01011EPSS
Exploits0References2
Rows per page
Query Builder